Tag feed

#privilege-escalation

87 posts1 followers

Trending tags this week

Develpy (CTF Challenge - THM)

6d ago · 6 min read · Introduction Develpy is a beginner-friendly TryHackMe challenge that focuses on code injection and privilege escalation via cron job abuse. The attack surface starts with a custom Python 2 service r

Join discussion

JJebitoksharonjebitok.com

0

Break Out The Cage (CTF Challenge - THM)

6d ago · 18 min read · INTRO In this TryHackMe room, Break Out The Cage, we step into a Nicolas Cage-themed CTF that layers enumeration, classical cryptography, and privilege escalation into a full attack chain. The challen

Join discussion

JJebitoksharonjebitok.com

0

Team (CTF Challenge - THM)

6d ago · 8 min read · nmap -p- -sV IP_Address PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.5 22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.13 (Ubuntu Linux; protocol 2.0) 80/tcp open http Apache h

Join discussion

JJebitoksharonjebitok.com

0

Wonderland (CTF Challenge - THM)

6d ago · 12 min read · Intro: Wonderland is a beginner-friendly CTF room on TryHackMe themed around Lewis Carroll's Alice in Wonderland. The challenge walks through a full attack chain — web enumeration, steganography hints

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

API Security in DVWA

Mar 21 · 24 min read · 1 Introduction In this post, the API Security vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks across all security levels is to exploit weaknesses in

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Authorisation Bypass in DVWA

Mar 8 · 12 min read · 1 Introduction In this post, the Authorisation Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to identify any areas where a

Join discussion

RRCE.0psrceops.hashnode.dev

0

Active Directory Enumeration: ldeep

Feb 27 · 16 min read · ldeep is a post-exploitation LDAP enumeration tool designed for use in Active Directory environments. It enables red teamers, security professionals, and penetration testers to query domain objects an

Join discussion

RRCE.0psrceops.hashnode.dev

0

Jenkins Penetration Testing

Feb 27 · 6 min read · Jenkins Penetration Testing is essential for identifying security vulnerabilities in Jenkins, an open-source automation server used for continuous integration (CI) and continuous delivery (CD). Built

Join discussion

EWEricson Williansscarletbuffer.hashnode.dev

0

When Deserialization Meets eval(): Anatomy of a Full-Stack Compromise

Feb 26 · 5 min read · Security incidents rarely hinge on a single catastrophic bug. More often, they emerge from layered design shortcuts — each individually survivable, but collectively fatal. This case study examines a r

Join discussion

SSravanpurplelabs.hashnode.dev

0

DLL Search Order Abuse: Privilege Escalation, and EDR Unhooking

Feb 18 · 7 min read · Introduction Modern enterprise environments rely heavily on third-party and internally developed applications to support daily operations. These applications frequently depend on Dynamic Link Libraries (DLLs) to load required functionality at runtime...

Join discussion

#privilege-escalation

Search Hashnode

#privilege-escalation

Trending tags this week

Develpy (CTF Challenge - THM)

Break Out The Cage (CTF Challenge - THM)

Team (CTF Challenge - THM)

Wonderland (CTF Challenge - THM)

API Security in DVWA

Authorisation Bypass in DVWA

Active Directory Enumeration: ldeep

Jenkins Penetration Testing

When Deserialization Meets eval(): Anatomy of a Full-Stack Compromise

DLL Search Order Abuse: Privilege Escalation, and EDR Unhooking